We are currently working on Deploying Microsoft Sentinel, and I’d like to get the data connector for Box working, Microsoft’s documentation is sparse and vague (feigning surprise!). In combining both their docs and Box.com, I think the issue is what is needed for the JSON input parameters, nothing I’ve seen so far has given me specifics.
Has anyone been able to implement this successfully?
Thanks!
Mike
Hi @mikekaro , welcome to the forum!
I am unfamiliar with Microsoft Sentinel, but perhaps I can help on the Box side.
I’m going to need a bit more context on this, can you eleaborate?
Best regards
Here is what I am working off of. I’m sticking to what’s related in your docs as far as JWT auth.
Box (using Azure Functions) connector for Microsoft Sentinel | Microsoft Learn
Hi @mikekaro
Let’s start with the basics. Do you have a Box application configured to authenticate via JWT and the corresponding JWT config.json file, as stated here?
Here is an example of a JWT configured app (you’ll need to access your developer console at https://app.box.com/developers/console:
Best regards
Very good, it seems from the Box side you’re all set.
What do you mean by this?
I’m trying to get this same Sentinel Logging enabled and I also have the API and JWT Authorized.
I’ve made changes and signed into and out of Box many times. How do we troubleshoot this type of integration?
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
